SIERRA:21 – Living on the Edge

December 6, 2023

Forescout Vedere Labs has discovered 21 new vulnerabilities within OT/IoT routers and open-source software components, highlighting new risk in your critical infrastructure.

This new research confirms some of the trends that Forescout Vedere Labs has been tracking and analyzing:

Vulnerabilities (and consequently attacks) on routers and network infrastructure are on the rise. State-sponsored actors have been developing custom malware to use routers for persistence and espionage, while cybercriminals are leveraging them for residential proxies and to recruit into botnets.

Vulnerabilities in OT/IoT devices often arise from design flaws (such as the use of hardcoded credentials and certificates we saw in OT:ICEFALL) or issues when parsing malformed input (as we saw with Project Memoria).

Supply chain components, including open-source software provided by third parties, can introduce high risk and increase the attack surface of critical devices, leading to vulnerabilities that may be hard for asset owners to track and mitigate.

Price: FREE

About the Provider

Forescout Technologies is the leader in device visibility and control. Our unified security platform enables enterprises and government agencies to gain complete situational awareness of their extended enterprise environment and orchestrate actions to reduce cyber and operational risk.


OT/IoT routers, vulnerabilities